Yes, they offer a cybersecurity breach warranty as part of our MDR and MDR PLUS services that covers customers with up to $1,000,000 in breach response expenses if there is a security incident within the environment protected by MDR or MDR PLUS.

MDR is a managed security service that provides 24×7 defense against cyber threats delivered through our global Security Operations Centers (SOCs). The service includes the underlying security platform (Business Security Enterprise (BSE)) and the continuous monitoring and response to threats

MDR PLUS gives all the protections of MDR and adds the most comprehensive dark web detection and response available performed by a designated, specialized Cyber Intelligence Fusion Cell (CIFC) unit, additional comprehensive threat intelligence reporting, a dedicated Security Account Manager (SAM), and Professional Services onboarding.

The cybersecurity breach warranty coverage is currently available for all customers of MDR and MDR PLUS. Existing customers have been enrolled and will be fully signed on to the warranty once they accept the additional terms and conditions in the portal. All new MDR or MDR PLUS customers will be opted in to the warranty coverage when they sign the MDR subscription contract and must accept an additional series of terms and conditions. Customers may choose to opt out of the warranty coverage if desired.

No, customers on previous tiers of the MDR service do not receive cybersecurity breach warranty coverage. Customers will be transitioned to either MDR or MDR PLUS upon contract renewal and will then receive the cybersecurity breach warranty coverage.

While similar in that they both involve coverage of cyber incidents with forms of monetary compensation, cyber insurance and breach warranties are different things and should not be conflated as being the same. In addition, having a breach warranty should not be considered a replacement for having cyber insurance. It is recommended that organizations still seek out cyber insurance whether they have a breach warranty attached to their service or product. Here are some of the main differences.

Cyber Insurance

·       Offers broader coverage for the organization and is designed to cover a wide range of cyber risks. It is independent of any specific technology or product. Organizations purchase cyber insurance as a standalone policy, and the policy applies regardless of what technologies they use.

·       It covers both first party (direct impact on the insured) and third-party (liabilities toward others) damages.

·       Terms are usually customizable/negotiable based on the organization’s risk profile. 

·       Organizations can often choose the coverage limit and tailor the policy to include specific types of protection.

·       Cyber Insurance has an associated cost (insurance premiums) that can be variable depending on the organization’s risk. Working with the insurance provider, organizations can lower the premiums by meeting certain criteria (such as providing proof of security tools and coverage or other security services).

Breach Warranty

·       Provides specific coverage directly related to the service being provided. Will not cover things that are out of scope or not being covered by the service.

·       Coverage is first party only and will not cover if third parties are affected.

·       The terms are often not customizable and are set by the warranty underwriter. Organizations must agree to those terms without the ability to modify or change them.

·       Breach warranties often have smaller limits compared to cyber insurance policies and these limits are not negotiable.

·       Breach warranties are often less costly or are provided as a free add-on as part of the service subscription.

The tiers are tied to the MDR package and there are different coverages based on the package.

• MDR Cybersecurity Breach Warranty (For MDR) covers up to $100,000. (1)

                    – Ransomware Events – $100,000

• MDR Cybersecurity Breach Warranty PLUS (For MDR PLUS and MDR customers with 1,000+ endpoints) Covers up to $1,000,000 (1)

                     – Ransomware and BEC Event – $200,000

                     – Compliance Event – $200,000

                     – Cyber Legal Liability Event – $500,000 (2)

                     – Business Income Event  – $100,000 (3)

Breach notification costs, compliance and regulatory penalties, and business income loss in relation to the security incident covered.

The customer must subscribe to MDR or MDR PLUS and agree to the additional warranty terms and conditions.

The cybersecurity breach warranty is tied to your MDR or MDR PLUS subscription and will last the duration of the contract period.

We are partnered with Cysurance to offer this cybersecurity breach warranty. Cysurance is a next-generation risk mitigation company that certifies, warranties, and insures cybersecurity solutions for enterprise end-users. Customers of MDR or MDR PLUS service will be automatically onboarded into Cysurance’s system to activate the warranty.

Cysurance as the underwriter of the warranty, also offers cyber insurance policies. They offer possible premium discounts for customers who have obtained their breach warranty through valid providers. Please see their site for more details.

No. The cybersecurity breach warranty agreement and terms and conditions are pre-defined by Cysurance.

Yes, pre-requisites are pre-defined by Cysurance and information on them can be found in your MDR Portal.

No. This cybersecurity breach warranty is only offered as part of the subscription to MDR or MDR PLUS as a no-cost benefit to customers.

Any new MDR or MDR PLUS customer is eligible for the cybersecurity breach warranty; however, pre-existing security incidents are not covered.

All customers of MDR or MDR PLUS are automatically qualified and enrolled in the cybersecurity breach warranty once they agree to the additional terms and conditions. Customers are encouraged to review the terms and conditions to ensure they are staying on top of the requirements for qualifying for a warranty claim. See warranty claim requirement question above for additional details.

Breach Warranty for MDR only covers Ransomware based events. Breach Warranty for MDR PLUS covers any security incident, see table above under question “What are the warranty coverage tiers and how is the amount of the warranty determined?”

The cybersecurity breach warranty is valid in all regions in which we operate. Please note that there is special language in the Terms and Conditions in the following countries: Malaysia, Singapore, and Japan.